Fitness trackers, which help monitor sleep quality, heart rate, and other biological indicators, are a popular way to help Americans improve their health and well-being.
There are many different types of trackers on the market, including trackers from well-known brands such as Apple, Fitbit, Garmin, and Oura. Despite the growing popularity of these devices and their legal use, consumers are always aware of the extent to which their information can be used or intercepted by third parties. It does not mean. This is especially important because you can’t simply change your DNA sequence or heart rhythm like you can with your credit card or bank account number.
“Once the toothpaste comes out of the tube, there’s no going back,” says Steve Grobman, senior vice president and chief technology officer at computer security company McAfee.
The holiday season is a popular time to buy consumer health equipment. Here’s what you should know about the security risks associated with fitness trackers and personal health data.
Stick with big name brands even if they get hacked
Fitness equipment can be expensive, even without factoring in inflation, but don’t skimp on security to save a few bucks. may, but a well-established provider that has been compromised is likely to care about its reputation and do something to help consumers, says Kevin Roundy, senior technical director at a cybersecurity firm. said. gene digital.
Indeed, the problem of data breaches, from hacks by criminals to the unintentional sharing of sensitive user information, could hit big names like Fitbit and Strava, which Google acquired in 2021. can take a toll on Still, security experts say it’s better to buy from reputable manufacturers who know how to design secure devices and have a reputation for upkeep.
“Small companies may go out of business,” says Roundy.
Fitness app data is not protected like health information
There may be other concerns besides exposing sensitive personal information in a data breach. For example, fitness trackers typically connect to a user’s phone via Bluetooth, leaving personal data vulnerable to hacking.
Additionally, information collected by fitness trackers is not considered “health information” under federal HIPAA standards or state laws such as the California Health Information Confidentiality Act. This means that personally identifiable data may be used in ways consumers may not expect. For example, personal information may be shared or sold to third parties, such as data his brokers and law enforcement, according to Privacy Rights, a consumer privacy, advocacy and education organization. Ringhouse policy counsel Emory Rohan said.
Some fitness trackers may use consumer health and wellness data to monetize advertising, so if that’s a concern, make sure there’s a way to opt out. There are. Before you buy a fitness tracker, check the provider’s terms and conditions to understand their policies, says Roundy.
You may need to change your default social, location settings
Your fitness tracker’s default settings may not provide the most stringent security controls. Considering what settings can be adjusted for better protection, such as those related to social networking, location, and other shareable information, security researchers at his Kaspersky Lab, a cybersecurity provider said Dan Demeter,
In some states, consumers can also opt out of the sale or sharing of their personal information with third parties, and in some cases these rights have been expanded, Roane said.
Certainly device users need to be careful about what they expose about their location and activity, or what they allow to be exposed by default. This data is searchable online and can be used by malicious individuals. Third parties, such as insurance companies and employers, may have access to this type of public information, even if they are not acting in bad faith.
“Users expect their data to be their data and use it as they please,” says Roane, but that’s not always the case.
“It’s not just about current data, but also historical data,” said Demeter. For example, a malicious person can see all the times (days, hours, where) that person is running and use it to their advantage.
There are also numerous digital scams where criminals can use information about your location to make the opportunity look more plausible. It lends credence to the scammer’s story,” says Grobman.
Location data can also cause problems in other ways. Roane gives the example of a woman seeking reproductive health her care in a state where abortion is illegal. Fitness trackers with geolocation services enabled may collect information that may be subpoenaed by law enforcement or may be purchased by data brokers and sold to law enforcement.
Use strong passwords and two-factor authentication and don’t share credentials
Protect your account by using a strong password that you haven’t used with another account and enabling two-factor authentication for the associated app. Also, don’t share your credentials. This is never a good idea, but can have particularly devastating consequences in certain circumstances. For example, victims of domestic violence could be tracked, Roane said, assuming the abuser has access to their account credentials.
Also, be sure to keep your device and apps up to date with security fixes.
Nothing is 100% provable, but the goal is to be as secure as possible. “If someone tries to profit from our personal information, we’re just making their lives harder, so it’s not that easy to hack us.
.